Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/AXNbFMVh1Tk5cNlykU1ym5BzwLc.roa
File: AXNbFMVh1Tk5cNlykU1ym5BzwLc.roa (raw, json)
Hash identifier: JzBdFKHug4ryfHxZ+QFDqqiciCctoOGzasouYdCQN1c=
Subject key identifier: 01:73:5B:14:C5:61:D5:39:39:70:D9:72:91:4D:72:9B:90:73:C0:B7
Certificate issuer: /CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58
Certificate serial: 018CC795443654772EC8F9C8C743A7AFE3A5
Authority key identifier: 93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/AXNbFMVh1Tk5cNlykU1ym5BzwLc.roa
Signing time: Tue 02 Jan 2024 00:31:37 +0000
ROA not before: Tue 02 Jan 2024 00:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.176.100.0/24 maxlen: 24
185.176.103.0/24 maxlen: 24
185.176.101.0/24 maxlen: 24
185.176.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:44:36:54:77:2e:c8:f9:c8:c7:43:a7:af:e3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9301ea05963c9756f28ee2e98b8f3cc479dc9f58
Validity
Not Before: Jan 2 00:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01735b14c561d5393970d972914d729b9073c0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b5:1c:f8:dd:5e:20:88:9c:4a:89:3d:c2:88:
ff:42:2b:1b:f8:c2:b0:7f:20:ce:97:f5:3e:d5:c7:
67:21:a2:72:50:12:99:0c:b5:15:4a:52:7e:d7:e6:
18:5c:f9:db:40:75:94:27:1f:7f:e1:ee:11:39:a1:
16:81:cf:94:bf:0e:12:59:7b:f3:9e:8a:0e:d6:26:
a2:51:77:c2:ff:e2:6f:50:02:14:dc:73:9f:95:a8:
83:fc:0f:24:be:10:da:a3:65:92:53:76:f1:cd:43:
96:08:20:5f:fb:a7:dd:6f:01:88:ae:05:19:60:3e:
cc:22:81:ac:e9:1b:16:1c:2b:60:3f:48:9d:96:a4:
1a:b1:50:09:62:a4:18:51:bc:55:b1:85:39:39:0b:
cb:0a:80:57:72:5e:c4:85:0a:9e:b4:91:b0:f7:50:
7c:0c:48:fa:7c:a4:e9:e9:96:10:e6:a0:8f:18:02:
8d:6b:11:25:7a:99:4b:18:5d:fe:39:a1:96:5d:56:
fa:dc:3f:bc:28:51:84:dd:68:69:5c:ae:72:66:df:
fc:f5:00:a1:04:f4:18:ec:b3:af:0d:c6:4b:f0:af:
bf:00:9a:56:39:85:33:99:e9:e8:d4:6b:0f:02:e0:
b1:e8:51:36:36:85:16:46:d2:39:cd:21:c2:28:80:
65:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:73:5B:14:C5:61:D5:39:39:70:D9:72:91:4D:72:9B:90:73:C0:B7
X509v3 Authority Key Identifier:
keyid:93:01:EA:05:96:3C:97:56:F2:8E:E2:E9:8B:8F:3C:C4:79:DC:9F:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwHqBZY8l1byjuLpi488xHncn1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/AXNbFMVh1Tk5cNlykU1ym5BzwLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ebf6cb-a779-464f-8bee-8f08e0272df8/1/kwHqBZY8l1byjuLpi488xHncn1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:72:1c:3b:8c:1d:bd:d3:2f:70:e5:d4:16:cb:ed:93:fb:91:
51:23:d9:dd:d4:3b:f4:0d:da:48:62:c0:84:14:d9:59:16:f0:
2b:e5:34:c7:dc:03:1b:98:bb:e3:b5:d6:95:fd:96:5a:fe:5b:
d8:81:e6:9c:61:94:00:f2:89:fa:67:da:2c:79:64:3c:3a:09:
c8:ba:7d:86:e2:59:e0:4c:71:fd:69:2a:62:f5:f3:f2:70:38:
92:ae:eb:92:4d:2a:7c:69:8a:bc:3e:87:43:11:68:a0:28:3d:
e3:26:31:11:f2:e3:bc:af:d8:57:89:82:29:14:03:a5:25:f0:
fa:ae:ff:0f:96:19:09:af:92:4c:6b:82:49:5b:e4:d8:d0:da:
a1:f4:f5:e4:58:27:ec:e0:c5:6c:93:a8:f1:cd:28:c6:93:c9:
aa:ad:fa:06:96:10:80:d8:5d:be:24:49:30:07:75:d7:30:ea:
c9:f2:ed:a4:5c:c1:ac:f3:f8:e7:de:f6:28:ff:83:df:65:b6:
c8:56:0f:7a:e2:20:ac:7b:34:10:2c:1b:21:0f:a4:9b:fc:8f:
5d:87:9c:6d:7a:7b:40:38:7c:05:f7:fa:9c:33:89:77:1f:fd:
86:b9:ae:37:08:b1:84:df:63:39:cb:96:4d:21:81:3d:ce:2e:
74:eb:73:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlUQ2VHcuyPnIx0Onr+OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDFlYTA1OTYzYzk3NTZmMjhlZTJlOThiOGYzY2M0Nzlk
YzlmNTgwHhcNMjQwMTAyMDAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTczNWIxNGM1NjFkNTM5Mzk3MGQ5NzI5MTRkNzI5YjkwNzNjMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rUc+N1eIIicSok9woj/Qisb+MKw
fyDOl/U+1cdnIaJyUBKZDLUVSlJ+1+YYXPnbQHWUJx9/4e4ROaEWgc+Uvw4SWXvz
nooO1iaiUXfC/+JvUAIU3HOflaiD/A8kvhDao2WSU3bxzUOWCCBf+6fdbwGIrgUZ
YD7MIoGs6RsWHCtgP0idlqQasVAJYqQYUbxVsYU5OQvLCoBXcl7EhQqetJGw91B8
DEj6fKTp6ZYQ5qCPGAKNaxEleplLGF3+OaGWXVb63D+8KFGE3WhpXK5yZt/89QCh
BPQY7LOvDcZL8K+/AJpWOYUzmeno1GsPAuCx6FE2NoUWRtI5zSHCKIBlWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFzWxTFYdU5OXDZcpFNcpuQc8C3MB8GA1UdIwQY
MBaAFJMB6gWWPJdW8o7i6YuPPMR53J9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dIcUJaWThsMWJ5anVMcGk0ODh4SG5jbjFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9lYmY2Y2ItYTc3OS00NjRmLThiZWUt
OGYwOGUwMjcyZGY4LzEvQVhOYkZNVmgxVGs1Y05seWtVMXltNUJ6d0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9lYmY2Y2ItYTc3OS00NjRmLThiZWUtOGYwOGUwMjcyZGY4
LzEva3dIcUJaWThsMWJ5anVMcGk0ODh4SG5jbjFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubBkMA0G
CSqGSIb3DQEBCwUAA4IBAQA7chw7jB290y9w5dQWy+2T+5FRI9nd1Dv0DdpIYsCE
FNlZFvAr5TTH3AMbmLvjtdaV/ZZa/lvYgeacYZQA8on6Z9oseWQ8OgnIun2G4lng
THH9aSpi9fPycDiSruuSTSp8aYq8PodDEWigKD3jJjER8uO8r9hXiYIpFAOlJfD6
rv8PlhkJr5JMa4JJW+TY0Nqh9PXkWCfs4MVsk6jxzSjGk8mqrfoGlhCA2F2+JEkw
B3XXMOrJ8u2kXMGs8/jn3vYo/4PfZbbIVg964iCsezQQLBshD6Sb/I9dh5xtentA
OHwF9/qcM4l3H/2Gua43CLGE32M5y5ZNIYE9zi5063PZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:31 2025 by rpki-client